I want to find out mutual friends between two random users using the facebook Graph API v2.2.
I read through the documentation https://developers.facebook.com/docs/graph-api/reference/v2.2/user.context/mutual_friends
It says, "A valid user access token with user_friends permission is required to view the mutual friends of other friends using the app. "
Is there a way that I can find number and possibly names of all mutual friends between currentUser and User2, if they are not friends with each other?
I referred to many other questions:
Facebook Graph API 2.2 mutual friends => No answers
How to get Mutual Friends via Facebook's Graph API => The solution works only if the two users are friends, which may not be true in my case.
I am about to implement this myself. I have a similar use case where the two users may not be friends but I'd like to see which of their friends are mutual.
Apparently, you have to include an 'app proof' parameter with the API request from your server when the two users are not mutual friends:
If you want to call this endpoint on behalf two app-users who are not friends, then you must provide the appsecret_proof parameter along with the user access token when making the request. This means you must call this endpoint from your server.
Looks like this might be a good idea to do anyway.
Managed to find a solution and it's working. If you got the call working within you and somebody else and you both are friends on Facebook, what you need to do is create the Appsecret
which represents the App secret key found on Facebook Dev under My Apps
and the token. You create this key by running :
$appsecret_proof= hash_hmac('sha256', $access_token, $app_secret);
Afterwards you pass the token and the secret as parameters to the call:
Bundle params = new Bundle();
params.putString("appsecret_proof", appsecret_proof);
params.putString("access_token", access_token);
It is working for 2 users who are not friends.
Here is a working example for facebook mutual friend API:
curl -G -d "access_token=<access_token>" -d "appsecret_proof=<appsecret_proof>" 'https://graph.facebook.com/v2.5/{user-id}?fields=context.fields(mutual_friends)'
The App secret proof is sha256 of user access token with app secret as the key.
Remember both user should be using your App.
The response will have users who are also using your app and given friend list permission.
If you want to find specific info about the mutual friends try this:
curl -G -d "access_token=<access_token>" -d "appsecret_proof=<appsecret_proof>" 'https://graph.facebook.com/v2.5/{user-id}?fields=context.fields(mutual_friends.fields(id,name,picture.type(large)))'
This will return id, Name and current profile image link for all mutual friends. You don't need photos permission for this picture.
Facebook API does not allow this feature:
https://developers.facebook.com/bugs/346462608889036/
It's an old question but now I've dealt with it so I'll write...
to get all mutual friends if you not his friend it's passible only from
a server(in my case it's Node) as mention here:
https://developers.facebook.com/docs/graph-api/reference/user-context/all_mutual_friends/
get the token of user-2 and YOUR auth-id, also generate appsecretProof
and clientSecret from your Facebook admin panel of your app.
https://graph.facebook.com/v2.10/${auth_userId}?
fields=context.fields%28all_mutual_friends.limit%28100%29%29
&appsecret_proof=${appsecretProof}&access_token=${accessToken}
remember to ask permmision from users when they login and also send app review to Facebook to approve this feature.
with 'user_friends' permissions you can get from client only mutual friends that use in your app but not all mutual friends.